%global gem_name puma %bcond_with ragel Name: rubygem-%{gem_name} Version: 5.6.5 Release: 3 Summary: A simple, fast, threaded, and highly concurrent HTTP 1.1 server License: BSD-3-Clause URL: http://puma.io Source0: https://rubygems.org/gems/%{gem_name}-%{version}.gem Source1: https://github.com/puma/%{gem_name}/archive/refs/tags/v%{version}.tar.gz # Set the default cipher list "PROFILE=SYSTEM". # https://fedoraproject.org/wiki/Packaging:CryptoPolicies Patch0: rubygem-puma-3.6.0-fedora-crypto-policy-cipher-list.patch Patch1: CVE-2023-40175.patch Patch2: CVE-2024-21647.patch Patch3: CVE-2024-45614.patch BuildRequires: openssl-devel ruby(release) rubygems-devel ruby-devel rubygem(rack) BuildRequires: rubygem(minitest) rubygem(sd_notify) BuildRequires: rubygem(nio4r) %if %{with ragel} BuildRequires: %{_bindir}/ragel %endif BuildRequires: gcc %description A simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. %package doc Summary: Documentation for %{name} Requires: %{name} = %{version}-%{release} BuildArch: noarch %description doc Documentation for %{name}. %prep %setup -q -n %{gem_name}-%{version} -b 1 %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 rm -rf test/test_thread_pool.rb %if %{with ragel} rm -f ext/puma_http11/http11_parser.c ragel ext/puma_http11/http11_parser.rl -C -G2 -I ext/puma_http11 \ -o ext/puma_http11/http11_parser.c %endif %build gem build ../%{gem_name}-%{version}.gemspec %gem_install %install mkdir -p %{buildroot}%{gem_dir} cp -a .%{gem_dir}/* \ %{buildroot}%{gem_dir}/ mkdir -p %{buildroot}%{gem_extdir_mri}/puma cp -a .%{gem_extdir_mri}/gem.build_complete %{buildroot}%{gem_extdir_mri}/ cp -a .%{gem_extdir_mri}/puma/*.so %{buildroot}%{gem_extdir_mri}/puma rm -rf %{buildroot}%{gem_instdir}/ext/ mkdir -p %{buildroot}%{_bindir} cp -a .%{_bindir}/* \ %{buildroot}%{_bindir}/ find %{buildroot}%{gem_instdir}/bin -type f | xargs chmod a+x find %{buildroot}%{gem_instdir}/bin -type f | \ xargs sed -i 's|^#!/usr/bin/env ruby$|#!/usr/bin/ruby|' %check pushd .%{gem_instdir} ln -s %{_builddir}/%{gem_name}-%{version}/test test ln -s %{_builddir}/%{gem_name}-%{version}/examples examples sed -i -e "/require..minitest\/\(retry\|proveit\)./ s/^/#/" test/helper.rb sed -i "/Minitest::Retry/ s/^/#/" test/helper.rb sed -i '/prove_it!/ s/^/#/' test/helper.rb sed -i "/minitest\/stub_const/ s/^/#/" test/helper.rb sed -i '/::Timeout.timeout/ s/45/300/' test/helper.rb mv test/test_preserve_bundler_env.rb{,.disable} mv test/test_worker_gem_independence.rb{,.disable} sed -i -e '/^\s*def test_prune_bundler_with_multiple_workers$/a\ skip' \ -e '/^\s*def test_phased_restart_cluster$/a\ skip' test/test_integration_pumactl.rb mv test/test_puma_localhost_authority.rb{,.disable} sed -i '/def test_ssl_self_signed_configuration_from_DSL/a\ skip' test/test_config.rb sed -i '/def test_ssl_run_with_localhost_authority/a\ skip' test/test_integration_ssl.rb sed -i "s/--tlsv1.2 --tls-max 1.2/--tlsv1.3 --tls-max 1.3/" test/test_integration_ssl.rb mv test/test_integration_single.rb{,.disable} mv test/test_integration_cluster.rb{,.disable} %ifarch aarch64 sed -i '/^ def test_control$/,/^ end$/ s/^/#/' test/test_cli.rb %endif sed -i '/^ def test_timeout_in_data_phase$/a\ skip' test/test_puma_server.rb sed -i '/^ def test_plugin$/a\ skip' test/test_plugin.rb sed -i '/^ def test_verify_fail_if_client_unknown_ca$/a\ skip' test/test_puma_server_ssl.rb sed -i '/^ def test_rack_url_scheme_dflt$/a\ skip' test/test_puma_server.rb sed -i '/^ def test_drain_on_shutdown$/a\ skip' test/test_puma_server.rb sed -i '/^ def test_very_large_return$/a\ skip' test/test_puma_server.rb #OpenSSL certificate has expired, skip relevant test case sed -i '/^ def test_verify_client_cert$/a\ skip' test/test_puma_server_ssl.rb sed -i '/^ def test_verify_fail_if_client_expired_cert$/a\ skip' test/test_puma_server_ssl.rb sed -i '/^ def test_server_ssl_with_cert_pem_and_key_pem$/a\ skip' test/test_puma_server_ssl.rb sed -i '/^ def test_ssl_run_with_curl_client$/a\ skip' test/test_integration_ssl.rb env -u NOTIFY_SOCKET \ TEST_CASE_TIMEOUT=300 \ RUBYOPT="-Ilib:$(dirs +1 -l)%{gem_extdir_mri}" \ CI=1 \ LC_ALL=C.UTF-8 \ ruby -e 'Dir.glob "./test/**/test_*.rb", &method(:require)' - -v %files %dir %{gem_instdir} %{_bindir}/puma %{_bindir}/pumactl %{gem_extdir_mri} %license %{gem_instdir}/LICENSE %{gem_instdir}/bin %{gem_libdir} %exclude %{gem_cache} %{gem_spec} %files doc %doc %{gem_docdir} %doc %{gem_instdir}/History.md %doc %{gem_instdir}/README.md %doc %{gem_instdir}/docs %{gem_instdir}/tools %changelog * Fri Sep 27 2024 wangkai <13474090681@163.com> - 5.6.5-3 - Fix CVE-2024-45614 * Wed Aug 07 2024 Ge Wang - 5.6.5-2 - OpenSSL certificate has expired, skip relevant test case * Thu Apr 11 2024 wangkai <13474090681@163.com> - 5.6.5-1 - Update to 5.6.5 - Fix CVE-2022-24790,CVE-2023-40175 * Fri Jan 12 2024 wangkai <13474090681@163.com> - 5.5.2-4 - Fix CVE-2024-21647 * Tue Dec 19 2023 yaoxin - 5.5.2-3 - Fix CVE-2022-23634 * Thu Sep 1 2022 liyanan - 5.5.2-2 - Support for cert_pem and key_pem with ssl_bind DSL * Thu Jun 30 2022 wulei - 5.5.2-1 - Upgrade to 5.5.2 * Tue May 10 2022 yaoxin - 4.3.9-2 - License compliance rectification * Mon Nov 15 2021 houyingchao - 4.3.9-1 - Fix CVE-2021-41136 * Mon May 31 2021 wangyue - 3.12.6-2 - Fix CVE-2021-29509 * Wed Feb 03 2021 shinwell_hu - 3.12.6-1 - Upgrade to 3.12.6 to fix following known CVEs CVE-2020-11077 CVE-2020-11076 - Workaround test failure on x forwarded protol * Thu Aug 20 2020 luoshengwei - 3.12.4-1 - package init